JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.42.115.155

193.42.115.155 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 45%: ?

45%

ISP	Sprinthost LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35278
Domain Name	sprinthost.ru
Country	🇷🇺 Russian Federation
City	Saint Petersburg, St.-Petersburg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.42.115.155

Whois 193.42.115.155

IP Abuse Reports for 193.42.115.155:

This IP address has been reported a total of 15 times from 11 distinct sources. 193.42.115.155 was first reported on June 1st 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 dyln	2026-06-01 16:16:02 (2 weeks ago)	Dyls honeypot brute-force: SSH (29 total hits)	Brute-Force SSH
🇩🇪 noteng.no	2026-06-01 16:15:03 (2 weeks ago)	2026-06-01T16:10:58.370149+00:00 debian-4gb-nbg1-1 sshd-session[847670]: Invalid user admin from 193 ... show more 2026-06-01T16:10:58.370149+00:00 debian-4gb-nbg1-1 sshd-session[847670]: Invalid user admin from 193.42.115.155 port 33274 2026-06-01T16:11:28.834009+00:00 debian-4gb-nbg1-1 sshd-session[847676]: Invalid user orangepi from 193.42.115.155 port 51172 2026-06-01T16:15:02.415353+00:00 debian-4gb-nbg1-1 sshd-session[847696]: Invalid user test from 193.42.115.155 port 58376 ... show less	Brute-Force SSH
🇵🇾 SecOpsSL	2026-06-01 16:14:59 (2 weeks ago)	2026-06-01T13:14:25.069111ns1.softlan.com.py sshd[202498]: pam_unix(sshd:auth): authentication failu ... show more 2026-06-01T13:14:25.069111ns1.softlan.com.py sshd[202498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.115.155 2026-06-01T13:14:26.814208ns1.softlan.com.py sshd[202498]: Failed password for invalid user admin from 193.42.115.155 port 58176 ssh2 2026-06-01T13:14:59.586742ns1.softlan.com.py sshd[202516]: Invalid user orangepi from 193.42.115.155 port 36430 ... show less	Brute-Force SSH
🇳🇱 Savvii	2026-06-01 16:08:50 (2 weeks ago)	20 attempts against mh-ssh on star	Brute-Force SSH
🇩🇪 grassau.com	2026-06-01 16:07:27 (2 weeks ago)	(sshd) Failed SSH login from 193.42.115.155 (RU/Russia/St.-Petersburg/St Petersburg/-)	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-01 16:04:56 (2 weeks ago)	(mod_security) mod_security (id:218420) triggered by 193.42.115.155 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:218420) triggered by 193.42.115.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 12:04:49.179808 2026] [security2:error] [pid 31649:tid 31649] [client 193.42.115.155:43046] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|192.64.150.110:80\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "192.64.150.110"] [uri "/hello.world"] [unique_id "ah2toTSK4bSb6OqbJuqm2gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 formality	2026-06-01 15:57:59 (2 weeks ago)	Invalid user admin from 193.42.115.155 port 53684	Brute-Force SSH
🇳🇱 majo-it.nl	2026-06-01 15:57:36 (2 weeks ago)	Jun 1 15:57:33 fail2ban sshd[3669469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more Jun 1 15:57:33 fail2ban sshd[3669469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.115.155 Jun 1 15:57:35 fail2ban sshd[3669469]: Failed password for invalid user admin from 193.42.115.155 port 35670 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-01 15:54:35 (2 weeks ago)	Automated report (2026-06-01T15:54:35+00:00). Traversal attack detected.	Hacking Web App Attack
Anonymous	2026-06-01 15:54:34 (2 weeks ago)	Automated report (2026-06-01T15:54:34+00:00). Query command injection attempt detected.	Hacking
Anonymous	2026-06-01 15:54:33 (2 weeks ago)	Automated report (2026-06-01T15:54:34+00:00). Caught probing for CVE-2018-20062 vulnerability.	Hacking Web App Attack
Anonymous	2026-06-01 15:54:25 (2 weeks ago)	Automated report (2026-06-01T15:54:25+00:00). Hack attempt detected.	Hacking
🇳🇱 Savvii	2026-06-01 15:50:35 (2 weeks ago)	20 attempts against mh-ssh on argon	Brute-Force SSH
🇺🇸 xmission.com	2026-06-01 15:45:57 (2 weeks ago)	Blocked by UFW (TCP on 2222) Source port: 37436 TTL: 56 Packet length: 40 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2222) Source port: 37436 TTL: 56 Packet length: 40 TOS: 0x00 This report (for 193.42.115.155) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-01 15:43:49 (2 weeks ago)	Honeypot detection: SSH brute-force authentication attempt on port 22. Severity: MEDIUM. Aaran.cloud	SSH Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e89:3001

🇺🇸 172.234.218.87

🇵🇰 116.71.133.130

🇯🇵 115.178.115.94

🇬🇧 80.190.82.187

🇺🇸 216.73.160.170

🇧🇴 181.188.172.6

🇺🇸 173.255.193.181

🇲🇽 138.122.99.20

🇲🇽 138.122.96.199

🇭🇳 131.161.55.5

🇳🇱 45.148.10.152

🇸🇬 45.78.206.111

🇺🇸 20.85.246.45

🇺🇸 20.29.23.140

🇹🇷 5.11.241.108

🇩🇪 3.126.146.123

🇺🇸 216.180.246.78

🇧🇷 205.210.31.255

🇳🇱 192.253.248.56